Merge pull request #58 from KasperskyLab/dev

Adding few features.

README.md

@@ -40,15 +40,6 @@ Once installed, you can connect yourself to the TinyCheck backend by browsing th
 
 The backend allows you to edit the configuration of TinyCheck, add extended IOCs and whitelisted elements in order to prevent false positives. Several IOCs are already provided such as few suricata rules, FreeDNS, Name servers, CIDRs known to host malicious servers and so on.
 
-### Questions & Answers
-
-**Your project seem very cool, does it send data to Kaspersky or any telemetry server?**<br /><br />
-No, at all. You can look to the sources, the only data sent by TinyCheck is an HTTP GET request to a website that you can specify in the config, as well as the watchers URLs. Kaspersky don't - and will not - receive any telemetry from your TinyCheck device.<br /><br />
-**Can you list some hardware which can be used with this project (touch screen, wifi dongle etc.)?**<br /><br />
-Unfortunately, we prefer to not promote any hardware/constructor/website on this page. Do not hesitate to contact us if you want specific references. <br /><br />
-**I'm not very confortable with the concept of "watchers" as the IOCs downloaded are public. Do you plan to develop a server to centralize AMBER/RED IOCs?**<br /><br />
-Yes, if the demand is felt by NGOs (contact us!). Is it possible to develop this kind of thing, allowing you to centralize your IOCs and managing your fleet of TinyCheck instances on a server that you host. The server can also embed better detection rules thanks to the telemetry that it will receive from devices.<br />
-
 ### Special thanks
 
 **Guys who provided some IOCs**

app/frontend/src/components/Controls.vue

@@ -2,9 +2,11 @@
     <div class="controls" v-if="display">
         <i class="off-icon" v-on:click="action('shutdown')" v-if="off_available"></i>
         <i class="quit-icon" v-on:click="action('quit')" v-if="quit_available"></i>
+        <i class="home-icon" @click="$router.push({ name: 'home' })"></i>
         <i class="update-icon" v-if="update_available&&update_possible" @click="$router.push({ name: 'update' })"></i>
     </div>
 </template>
+
 <script>
 import axios from 'axios'
 

app/frontend/src/views/splash-screen.vue

@@ -46,7 +46,7 @@
             }
         },
         created: function() {
-            setTimeout(function () { this.internet_check(); }.bind(this), 1000);
+            setTimeout(function () { this.internet_check(); }.bind(this), 5000);
         }
     }
 </script>

install.sh

@@ -283,7 +283,7 @@ install_package() {
        rm Release.key && sudo apt-get update
        apt-get install zeek -y
     elif [[ $1 == "nodejs" ]]; then
-       curl -sL https://deb.nodesource.com/setup_12.x | bash
+       curl -sL https://deb.nodesource.com/setup_14.x | bash
        apt-get install -y nodejs
     elif [[ $1 == "dig" ]]; then
        apt-get install -y dnsutils
@@ -436,7 +436,7 @@ change_configs() {
 }
 
 feeding_iocs() {
-    echo -e "\e[39m[+] Feeding your TinyCheck instance with fresh IOCs and whitelist."
+    echo -e "\e[39m[+] Feeding your TinyCheck instance with fresh IOCs and whitelist, please wait."
     python3 /usr/share/tinycheck/server/backend/watchers.py
 }
 
@@ -480,4 +480,4 @@ else
     feeding_iocs
     cleaning
     reboot_box
-fi
+fi

server/frontend/app/classes/network.py

@@ -290,8 +290,14 @@ class Network(object):
         try:
             sp.Popen("echo 1 > /proc/sys/net/ipv4/ip_forward",
                      shell=True).wait()
+
+            # Enable forwarding.
             sp.Popen(["iptables", "-A", "POSTROUTING", "-t", "nat", "-o",
                       self.iface_out, "-j", "MASQUERADE"]).wait()
+
+            # Prevent the device to reach the 80 of TinyCheck.
+            sp.Popen(["iptables", "-A", "INPUT", "-i", self.iface_in, "-d",
+                      "192.168.100.1", "-p", "tcp", "--dport", "80", "-j" "DROP"]).wait()
             return True
         except:
             return False